Overview

overview

10

Static

static

10

988-117-0x...ry.exe

windows7-x64

988-117-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    988-117-0x00000000001E0000-0x0000000000210000-memory.dmp

  • Size

    192KB

  • MD5

    084cffd829c98a743d106107081ea144

  • SHA1

    337f446f9eb64884ab1953c69a1ba8fc70c392b2

  • SHA256

    0cede57df2fa6d7183e09283ec02ec84a2fefbaeb7ffa33a0aa073f5a7ecc768

  • SHA512

    fdb18e0acfeac0fa45cbfcd4f16da7c670b24fb5baa8df91169c3d0844bcc92f8fa6cefd61b8c92817ccef01850bc4ef01472fb6eaf8df4452750a13a82c5ba3

  • SSDEEP

    3072:2XtDiwyqSVghBGfAGtTjxNKifvWPxne8e8hy:AibuhM5ZmnPxne

Score
10/10
rovnoredline

Malware Config

Extracted

Family

redline

Botnet

rovno

C2

83.97.73.130:19061

Attributes
  • auth_value

    88306b072bfae0d9e44ed86a222b439d

Signatures

  • Redline family
    redline
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 988-117-0x00000000001E0000-0x0000000000210000-memory.dmp
    .exe windows x86


    Headers

    Sections